Last Modified: Apr 10, 2023
F5OS (all modules)
Known Affected Versions:
Opened: Mar 21, 2023 Severity: 3-Major
Manually adding TLS Certificate & Key on webUI instead of storing through Self-Signed Certificate or removing Certificate & Key removes TLS configuration, which includes verify-client and verify-client-depth.
Verify Client and Client Depth configuration of Certificate Authentication will be changed to default values which disables verification of httpd client certificates.
- When there is an existing Verify Client and Client Depth configuration, and user tries to remove TLS Certificate & Key on Certificate Management screen on webUI. - When user fills the TLS Certificate & Key on Certificate Management screen on webUI.
- Remove or Add TLS Certificate & Key through CLI. - While creating Self-Signed Certificate, set "Store TLS" field as true - Re-add Verify Client and Client Depth after removing or manually adding TLS Certificate & Key.